Contact us today!
217-428-6449

Network Solutions Unlimited Blog

Network Solutions Unlimited has been serving the Decatur area since 2013, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why You Should Pay Attention to Data Security Notifications

Why You Should Pay Attention to Data Security Notifications

If you’ve watched the news lately, chances are you’ve seen the Equifax breach and the ridiculous fallout it has caused. Over 133 million personal records have been stolen. While it’s difficult not to feel individually victimized by such a breach, it’s important to remember that it’s often not your specific credentials targeted by hackers. Since businesses often hold onto valuable information, they have big crosshairs painted onto them. It doesn’t even stop there--any vendors or partners you deal with are also in danger of hacking attacks.

The Equifax breach, which resulted in 143 million records being stolen, has many people concerned about their data security and data breach notification laws--and rightfully so. One of the biggest points of contention with the Equifax breach was that it took so long for them to notify the public following the incident. We’re not here to argue the ethics of Equifax’s decision to withhold information on this breach--we just want to make sure that you understand the technicalities behind why it was acceptable for them to wait before notifying their customers.

State Laws
At the time of writing this, 47 of the 50 states in the United States have data breach laws, with the only holdouts being Alabama, New Mexico, and South Dakota. While Alabama and New Mexico have at least introduced bills regarding data security and notification, South Dakota has yet to do so.

Another issue comes from the fact that these laws are state-exclusive with no unifying standards. Therefore, the laws could be very different from state-to-state. For example, New York’s law demands that notification of a breach should be given as soon as possible and without any unreasonable delay. Wyoming’s laws, on the other hand, require that notice of the breach be reported within a reasonable amount of time that does not exceed 45 days after the company is made aware of the breach. Florida requires notification within 30 days.

These notification deadlines aren’t necessarily steadfast, either. Did you notice how each of them allows companies to delay notification if there is a valid cause? Depending on the state, there may be various reasons for delay in notification. For example, criminal investigations and national security are both perfectly valid reasons to keep a notification of a breach delayed.

Federal Laws
While there is no data breach law on the federal level, there are various industry-specific regulations. For example, there is the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA), both of which have specific data breach policies enforced by the federal government. Unfortunately, there is no federal law which spans a general data security policy, so states will be dealing with these issues in their own ways.

Due to Equifax being a financial institution, it’s expected to hold fast to the standards put into place by the GLBA. Since the GLBA doesn’t have a deadline to inform affected users, Equifax technically adhered to the regulations. In the eyes of the law, they did nothing wrong--even if they should have been morally obligated to inform users as soon as possible.

Even though there are different notification laws for each state, there are other aspects of data security laws that vary based on both the industry and the state vs federal level. Every state has different policies regarding who the laws affect, what exactly defines a breach, who must be notified, how they must be notified, how the laws are enforced (and penalized), and who is exempt from the law.

If you need to know more information about the data breach notification laws of your state, the National Conference of State Legislatures offers current laws for each state. Your business needs to know how it will be affected by a data breach. To learn more, reach out to Network Solutions Unlimited at 217-428-6449.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 21 February 2018

Captcha Image

Mobile? Grab this Article!

QR-Code

Tag Cloud

App Going Green BDR Smartphones Applications Productivity Email Managed IT Service Social Engineering Public Cloud HaaS WIndows Server 2008 Chrome Budget Big Data PDF Browser Assessment Transportation Apple Apps Data Breach Wireless Technology Content Virtualization Spam Automobile Data storage Worker Commute Upgrade Microsoft Word Word Artificial Intelligence Data Backup Office Tips Law Enforcement Recovery Keyboard User Tips Comparison CrashOverride Cast Android Loyalty Remote Computing Tip of the Week Internet Screen Mirroring Personal Information Patch Management Upgrades Data Protection Internet exploMicrosoft Application Redundancy Two Factor Authentication IT Management Shortcut Adobe Touchscreen BYOD Edge Disaster Recovery Cybercrime Hard Disk Drive Settings Cybersecurity Gmail Worker Software as a Service Bandwidth Legislation Money Retail Privacy Consultant Business Owner Device Security Employer Employee Relationship Passwords Avoiding Downtime Government intranet Wireless Charging Video Games Data Storage Value Travel Save Money Sync Mobility Storage Unified Threat Management Evernote Education iPhone Monitor Instant Messaging Battery File Sharing Windows 10 Sports Gifts Encryption IT Solutions Windows 10s OneNote Windows Techology Networking WiFi MSP Small Business Best Practices Maintenance Marketing Productivity Benefits Private Cloud Safety How To Compliance Computing Infrastructure Computer Care Efficiency Robot WannaCry Holiday Miscellaneous IT budget Project Management Microsoft eWaste Ciminal Data HBO Proactive IT VoIP Business Computing Computer Cloud Google Maps Network Security Files Router Risk Management Customer Physical Security Alert FAQ Humor Vendor Management Administration IT Support Identity Theft Spam Blocking Identities History Windows 10 Unsupported Software hacker Credit Cards Experience Scam Cortana Mobile Devices Samsung Thank You Google Drive Cleaning Regulation Business Security Gadgets Hosted Solution Lifestyle Updates Tech Support Two-factor Authentication Smartphone Hosted Solutions Office 365 Politics Monitors Entertainment Wireless Legal Managed IT Services IT Services IT Support Password Social Media VPN Dark Web Fraud Audit Devices Books Network Communications Phone System Managed IT Conferencing Managed Service Provider Google Docs Outsourced IT Data Security Data Loss Managed IT Services Microsoft Office Emails The Internet of Things Advertising Troubleshooting Touchpad IT solutions Business Intelligence Licensing Professional Services Malware Hiring/Firing Emergency Cost Management Information Technology Cloud Computing Collaboration Congratulations Save Time Spyware Ransomware Root Cause Analysis Colocation Black Market Nanotechnology Training Flexibility Meetings Employer-Employee Relationship Server Commerce Operating System Electronic Medical Records Charger End of Support Excel Work/Life Balance Computers Hacking Search Hybrid Cloud Workers Sales Saving Money Microsoft Excel How to Hardware Internet Exlporer Outlook Mobile Device Management Google iOS Software Workplace Tips Downtime Data Management Vulnerability Solid State Drive Users Wi-Fi Phishing Windows Ink Bluetooth Blockchain Virtual Reality Quick Tips Document Management Cache SaaS Audiobook Innovation Remote Monitoring Smart Technology Computer Accessories Backup Tablets Internet of Things Business Continuity Bring Your Own Device Best Practice Business Management Relocation Reputation Office Facebook User Error Automation Specifications NFL Health Firewall Mobile Device Shadow IT Chromecast Laptop Webinar Hard Drives Telephone Systems USB Mobile Content Filtering Data Recovery Computer Fan Augmented Reality Scalability Television Hackers Rootkit Technology Public Computer HIPAA

Sign Up for Our Newsletter

  • Company Name *
  • First Name *
  • Last Name *